CVE-2022-0336
Summary
| CVE | CVE-2022-0336 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2022-08-29 15:15:00 UTC |
|---|
| Updated | 2023-09-17 09:15:00 UTC |
|---|
| Description | The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| Red Hat Customer Portal - Access to 24x7 support and knowledge |
MISC |
access.redhat.com |
|
| Samba: Multiple Vulnerabilities (GLSA 202309-06) — Gentoo security |
GENTOO |
security.gentoo.org |
|
| 14950 – (CVE-2022-0336) CVE-2022-0336 [SECURITY] Re-adding an SPN skips subsequent SPN conflict checks |
MISC |
bugzilla.samba.org |
|
| CVE-2022-0336: s4/dsdb/samldb: Don't return early when an SPN is re-a… · samba-team/samba@1a5dc81 · GitHub |
MISC |
github.com |
|
| CVE-2022-0336: pytest: Add a test for an SPN conflict with a re-added… · samba-team/samba@c58ede4 · GitHub |
MISC |
github.com |
|
| Samba - Security Announcement Archive |
MISC |
www.samba.org |
|
| 2046134 – (CVE-2022-0336) CVE-2022-0336 samba: Samba AD users with permission to write to an account can impersonate arbitrary services |
MISC |
bugzilla.redhat.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 179066 Debian Security Update for samba (DSA 5071-1)
- 179080 Debian Security Update for samba (CVE-2022-0336)
- 198651 Ubuntu Security Notification for Samba Vulnerabilities (USN-5260-1)
- 282312 Fedora Security Update for samba (FEDORA-2022-50da406d40)
- 282317 Fedora Security Update for samba (FEDORA-2022-055efdd9dc)
- 296057 Oracle Solaris 11.4 Support Repository Update (SRU) 44.113.4 Missing (bulletinapr2022)
- 354310 Amazon Linux Security Advisory for samba : ALAS2022-2022-022
- 354496 Amazon Linux Security Advisory for samba : ALAS2022-2022-224
- 354550 Amazon Linux Security Advisory for samba : ALAS-2022-224
- 355336 Amazon Linux Security Advisory for samba : ALAS2023-2023-032
- 502620 Alpine Linux Security Update for samba
- 503810 Alpine Linux Security Update for samba
- 671442 EulerOS Security Update for samba (EulerOS-SA-2022-1459)
- 671468 EulerOS Security Update for samba (EulerOS-SA-2022-1438)
- 671569 EulerOS Security Update for samba (EulerOS-SA-2022-1586)
- 671623 EulerOS Security Update for samba (EulerOS-SA-2022-1666)
- 671635 EulerOS Security Update for samba (EulerOS-SA-2022-1652)
- 690784 Free Berkeley Software Distribution (FreeBSD) Security Update for samba (8579074c-839f-11ec-a3b2-005056a311d1)
- 710751 Gentoo Linux Samba Multiple Vulnerabilities (GLSA 202309-06)
- 751680 OpenSUSE Security Update for samba (openSUSE-SU-2022:0283-1)
- 751683 SUSE Enterprise Linux Security Update for samba (SUSE-SU-2022:0323-1)
- 751994 SUSE Enterprise Linux Security Update for samba (SUSE-SU-2022:0283-1)
- 903851 Common Base Linux Mariner (CBL-Mariner) Security Update for samba (10741)
